* Daniel Lezcano <daniel.lezcano@xxxxxxx> schrieb: > I thing a consensus was not reach. The big deal with syslog is netfilter > logs in an interrupt context where it is difficult to find the right log > buffer ring as we are not in the process context making possible to > identify the namespace. That's one of the BIG problems in the Linux kernel, we've recently stumbled with in another project (artificial disk bw limits): far too much happening within interrupt context. Interrupts were originally as _short time_ step-ins for time critical signaling. What's happening here is an abuse of that concept, w/ really bad implications (eg. arbitrary users can create loads to bring down the whole system on extreme load). A clean and more robust solution IMHO could be that the interrupt handler only loads the received l1 frames and enqueue them for an kernel thread (or multiple ones) - an containerized setup then would have separate queues and kthreads on per-container basis. cu -- --------------------------------------------------------------------- Enrico Weigelt == metux IT service - http://www.metux.de/ --------------------------------------------------------------------- Please visit the OpenSource QM Taskforce: http://wiki.metux.de/public/OpenSource_QM_Taskforce Patches / Fixes for a lot dozens of packages in dozens of versions: http://patches.metux.de/ --------------------------------------------------------------------- _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers
